HIPAA (Health Insurance Portability and Accountability Act) is a set of rules and regulations that are designed to protect the privacy and security of patients' health information. Some general rules of HIPAA include:

1. Privacy Rule: This rule establishes national standards for safeguarding individuals' medical records and other personal health information. It also gives patients rights over their health information and sets limits on how health care providers can use and disclose such information.

2. Security Rule: The Security Rule sets standards for the protection of electronic personal health information. It addresses the technical and non-technical safeguards that organizations must implement to secure individuals' electronic protected health information.

3. Breach Notification Rule: This rule requires covered entities to notify affected individuals, the Secretary of Health and Human Services, and in some cases, the media in the event of a breach of unsecured protected health information.

4. Enforcement Rule: The Enforcement Rule sets out provisions relating to compliance and investigations, along with the penalties for non-compliance with HIPAA regulations.

These are some of the general rules that govern how covered entities must protect and handle individuals' health information to ensure their privacy and security.